|
224421
|
5.3 |
MEDIUM
Network
|
connectwise
|
control
|
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a user enumeration vulnerability, allowing an unauthenticated attacker to determine with cer…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2019-16516
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224422
|
6.5 |
MEDIUM
Network
|
connectwise
|
control
|
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. Certain HTTP security headers are not used.
|
NVD-CWE-Other
|
CVE-2019-16515
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224423
|
7.2 |
HIGH
Network
|
connectwise
|
control
|
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. The server allows remote code execution. Administrative users could upload an unsigned extension ZIP …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-16514
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224424
|
8.8 |
HIGH
Network
|
connectwise
|
control
|
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. CSRF can be used to send API requests.
|
CWE-352
Origin Validation Error
|
CVE-2019-16513
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224425
|
4.8 |
MEDIUM
Network
|
connectwise
|
control
|
An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is stored XSS in the Appearance modifier.
|
CWE-79
Cross-site Scripting
|
CVE-2019-16512
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224426
|
9.8 |
CRITICAL
Network
|
fortinet
|
fortisiem
|
A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and below may allow attackers to access the device database via the use of static credentials.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2019-16153
|
2024-11-21 13:30 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224427
|
7.5 |
HIGH
Network
|
adobe
|
experience_manager
|
Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an expression language injection vulnerability. Successful exploitation could lead to sensitive information disclosure.
|
CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
|
CVE-2019-16469
|
2024-11-21 13:30 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224428
|
7.5 |
HIGH
Network
|
adobe
|
experience_manager
|
Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an user interface injection vulnerability. Successful exploitation could lead to sensitive information disclosure.
|
CWE-74
Injection
|
CVE-2019-16468
|
2024-11-21 13:30 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224429
|
6.1 |
MEDIUM
Network
|
adobe
|
experience_manager
|
Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
|
CWE-79
Cross-site Scripting
|
CVE-2019-16467
|
2024-11-21 13:30 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224430
|
6.1 |
MEDIUM
Network
|
adobe
|
experience_manager
|
Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
|
CWE-79
Cross-site Scripting
|
CVE-2019-16466
|
2024-11-21 13:30 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
